Bluetooth: Fix checking the wrong flag when accepting a socket
[linux-3.10.git] / net / bluetooth / af_bluetooth.c
1 /*
2    BlueZ - Bluetooth protocol stack for Linux
3    Copyright (C) 2000-2001 Qualcomm Incorporated
4
5    Written 2000,2001 by Maxim Krasnyansky <maxk@qualcomm.com>
6
7    This program is free software; you can redistribute it and/or modify
8    it under the terms of the GNU General Public License version 2 as
9    published by the Free Software Foundation;
10
11    THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS
12    OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
13    FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT OF THIRD PARTY RIGHTS.
14    IN NO EVENT SHALL THE COPYRIGHT HOLDER(S) AND AUTHOR(S) BE LIABLE FOR ANY
15    CLAIM, OR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES, OR ANY DAMAGES
16    WHATSOEVER RESULTING FROM LOSS OF USE, DATA OR PROFITS, WHETHER IN AN
17    ACTION OF CONTRACT, NEGLIGENCE OR OTHER TORTIOUS ACTION, ARISING OUT OF
18    OR IN CONNECTION WITH THE USE OR PERFORMANCE OF THIS SOFTWARE.
19
20    ALL LIABILITY, INCLUDING LIABILITY FOR INFRINGEMENT OF ANY PATENTS,
21    COPYRIGHTS, TRADEMARKS OR OTHER RIGHTS, RELATING TO USE OF THIS
22    SOFTWARE IS DISCLAIMED.
23 */
24
25 /* Bluetooth address family and sockets. */
26
27 #include <linux/module.h>
28 #include <asm/ioctls.h>
29
30 #include <net/bluetooth/bluetooth.h>
31
32 #define VERSION "2.16"
33
34 /* Bluetooth sockets */
35 #define BT_MAX_PROTO    8
36 static const struct net_proto_family *bt_proto[BT_MAX_PROTO];
37 static DEFINE_RWLOCK(bt_proto_lock);
38
39 static struct lock_class_key bt_lock_key[BT_MAX_PROTO];
40 static const char *const bt_key_strings[BT_MAX_PROTO] = {
41         "sk_lock-AF_BLUETOOTH-BTPROTO_L2CAP",
42         "sk_lock-AF_BLUETOOTH-BTPROTO_HCI",
43         "sk_lock-AF_BLUETOOTH-BTPROTO_SCO",
44         "sk_lock-AF_BLUETOOTH-BTPROTO_RFCOMM",
45         "sk_lock-AF_BLUETOOTH-BTPROTO_BNEP",
46         "sk_lock-AF_BLUETOOTH-BTPROTO_CMTP",
47         "sk_lock-AF_BLUETOOTH-BTPROTO_HIDP",
48         "sk_lock-AF_BLUETOOTH-BTPROTO_AVDTP",
49 };
50
51 static struct lock_class_key bt_slock_key[BT_MAX_PROTO];
52 static const char *const bt_slock_key_strings[BT_MAX_PROTO] = {
53         "slock-AF_BLUETOOTH-BTPROTO_L2CAP",
54         "slock-AF_BLUETOOTH-BTPROTO_HCI",
55         "slock-AF_BLUETOOTH-BTPROTO_SCO",
56         "slock-AF_BLUETOOTH-BTPROTO_RFCOMM",
57         "slock-AF_BLUETOOTH-BTPROTO_BNEP",
58         "slock-AF_BLUETOOTH-BTPROTO_CMTP",
59         "slock-AF_BLUETOOTH-BTPROTO_HIDP",
60         "slock-AF_BLUETOOTH-BTPROTO_AVDTP",
61 };
62
63 void bt_sock_reclassify_lock(struct sock *sk, int proto)
64 {
65         BUG_ON(!sk);
66         BUG_ON(sock_owned_by_user(sk));
67
68         sock_lock_init_class_and_name(sk,
69                         bt_slock_key_strings[proto], &bt_slock_key[proto],
70                                 bt_key_strings[proto], &bt_lock_key[proto]);
71 }
72 EXPORT_SYMBOL(bt_sock_reclassify_lock);
73
74 int bt_sock_register(int proto, const struct net_proto_family *ops)
75 {
76         int err = 0;
77
78         if (proto < 0 || proto >= BT_MAX_PROTO)
79                 return -EINVAL;
80
81         write_lock(&bt_proto_lock);
82
83         if (bt_proto[proto])
84                 err = -EEXIST;
85         else
86                 bt_proto[proto] = ops;
87
88         write_unlock(&bt_proto_lock);
89
90         return err;
91 }
92 EXPORT_SYMBOL(bt_sock_register);
93
94 int bt_sock_unregister(int proto)
95 {
96         int err = 0;
97
98         if (proto < 0 || proto >= BT_MAX_PROTO)
99                 return -EINVAL;
100
101         write_lock(&bt_proto_lock);
102
103         if (!bt_proto[proto])
104                 err = -ENOENT;
105         else
106                 bt_proto[proto] = NULL;
107
108         write_unlock(&bt_proto_lock);
109
110         return err;
111 }
112 EXPORT_SYMBOL(bt_sock_unregister);
113
114 static int bt_sock_create(struct net *net, struct socket *sock, int proto,
115                           int kern)
116 {
117         int err;
118
119         if (net != &init_net)
120                 return -EAFNOSUPPORT;
121
122         if (proto < 0 || proto >= BT_MAX_PROTO)
123                 return -EINVAL;
124
125         if (!bt_proto[proto])
126                 request_module("bt-proto-%d", proto);
127
128         err = -EPROTONOSUPPORT;
129
130         read_lock(&bt_proto_lock);
131
132         if (bt_proto[proto] && try_module_get(bt_proto[proto]->owner)) {
133                 err = bt_proto[proto]->create(net, sock, proto, kern);
134                 if (!err)
135                         bt_sock_reclassify_lock(sock->sk, proto);
136                 module_put(bt_proto[proto]->owner);
137         }
138
139         read_unlock(&bt_proto_lock);
140
141         return err;
142 }
143
144 void bt_sock_link(struct bt_sock_list *l, struct sock *sk)
145 {
146         write_lock(&l->lock);
147         sk_add_node(sk, &l->head);
148         write_unlock(&l->lock);
149 }
150 EXPORT_SYMBOL(bt_sock_link);
151
152 void bt_sock_unlink(struct bt_sock_list *l, struct sock *sk)
153 {
154         write_lock(&l->lock);
155         sk_del_node_init(sk);
156         write_unlock(&l->lock);
157 }
158 EXPORT_SYMBOL(bt_sock_unlink);
159
160 void bt_accept_enqueue(struct sock *parent, struct sock *sk)
161 {
162         BT_DBG("parent %p, sk %p", parent, sk);
163
164         sock_hold(sk);
165         list_add_tail(&bt_sk(sk)->accept_q, &bt_sk(parent)->accept_q);
166         bt_sk(sk)->parent = parent;
167         parent->sk_ack_backlog++;
168 }
169 EXPORT_SYMBOL(bt_accept_enqueue);
170
171 void bt_accept_unlink(struct sock *sk)
172 {
173         BT_DBG("sk %p state %d", sk, sk->sk_state);
174
175         list_del_init(&bt_sk(sk)->accept_q);
176         bt_sk(sk)->parent->sk_ack_backlog--;
177         bt_sk(sk)->parent = NULL;
178         sock_put(sk);
179 }
180 EXPORT_SYMBOL(bt_accept_unlink);
181
182 struct sock *bt_accept_dequeue(struct sock *parent, struct socket *newsock)
183 {
184         struct list_head *p, *n;
185         struct sock *sk;
186
187         BT_DBG("parent %p", parent);
188
189         list_for_each_safe(p, n, &bt_sk(parent)->accept_q) {
190                 sk = (struct sock *) list_entry(p, struct bt_sock, accept_q);
191
192                 lock_sock(sk);
193
194                 /* FIXME: Is this check still needed */
195                 if (sk->sk_state == BT_CLOSED) {
196                         release_sock(sk);
197                         bt_accept_unlink(sk);
198                         continue;
199                 }
200
201                 if (sk->sk_state == BT_CONNECTED || !newsock ||
202                     test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags)) {
203                         bt_accept_unlink(sk);
204                         if (newsock)
205                                 sock_graft(sk, newsock);
206
207                         release_sock(sk);
208                         return sk;
209                 }
210
211                 release_sock(sk);
212         }
213
214         return NULL;
215 }
216 EXPORT_SYMBOL(bt_accept_dequeue);
217
218 int bt_sock_recvmsg(struct kiocb *iocb, struct socket *sock,
219                                 struct msghdr *msg, size_t len, int flags)
220 {
221         int noblock = flags & MSG_DONTWAIT;
222         struct sock *sk = sock->sk;
223         struct sk_buff *skb;
224         size_t copied;
225         int err;
226
227         BT_DBG("sock %p sk %p len %zu", sock, sk, len);
228
229         if (flags & (MSG_OOB))
230                 return -EOPNOTSUPP;
231
232         skb = skb_recv_datagram(sk, flags, noblock, &err);
233         if (!skb) {
234                 if (sk->sk_shutdown & RCV_SHUTDOWN)
235                         return 0;
236                 return err;
237         }
238
239         msg->msg_namelen = 0;
240
241         copied = skb->len;
242         if (len < copied) {
243                 msg->msg_flags |= MSG_TRUNC;
244                 copied = len;
245         }
246
247         skb_reset_transport_header(skb);
248         err = skb_copy_datagram_iovec(skb, 0, msg->msg_iov, copied);
249         if (err == 0)
250                 sock_recv_ts_and_drops(msg, sk, skb);
251
252         skb_free_datagram(sk, skb);
253
254         return err ? : copied;
255 }
256 EXPORT_SYMBOL(bt_sock_recvmsg);
257
258 static long bt_sock_data_wait(struct sock *sk, long timeo)
259 {
260         DECLARE_WAITQUEUE(wait, current);
261
262         add_wait_queue(sk_sleep(sk), &wait);
263         for (;;) {
264                 set_current_state(TASK_INTERRUPTIBLE);
265
266                 if (!skb_queue_empty(&sk->sk_receive_queue))
267                         break;
268
269                 if (sk->sk_err || (sk->sk_shutdown & RCV_SHUTDOWN))
270                         break;
271
272                 if (signal_pending(current) || !timeo)
273                         break;
274
275                 set_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
276                 release_sock(sk);
277                 timeo = schedule_timeout(timeo);
278                 lock_sock(sk);
279                 clear_bit(SOCK_ASYNC_WAITDATA, &sk->sk_socket->flags);
280         }
281
282         __set_current_state(TASK_RUNNING);
283         remove_wait_queue(sk_sleep(sk), &wait);
284         return timeo;
285 }
286
287 int bt_sock_stream_recvmsg(struct kiocb *iocb, struct socket *sock,
288                                struct msghdr *msg, size_t size, int flags)
289 {
290         struct sock *sk = sock->sk;
291         int err = 0;
292         size_t target, copied = 0;
293         long timeo;
294
295         if (flags & MSG_OOB)
296                 return -EOPNOTSUPP;
297
298         msg->msg_namelen = 0;
299
300         BT_DBG("sk %p size %zu", sk, size);
301
302         lock_sock(sk);
303
304         target = sock_rcvlowat(sk, flags & MSG_WAITALL, size);
305         timeo  = sock_rcvtimeo(sk, flags & MSG_DONTWAIT);
306
307         do {
308                 struct sk_buff *skb;
309                 int chunk;
310
311                 skb = skb_dequeue(&sk->sk_receive_queue);
312                 if (!skb) {
313                         if (copied >= target)
314                                 break;
315
316                         err = sock_error(sk);
317                         if (err)
318                                 break;
319                         if (sk->sk_shutdown & RCV_SHUTDOWN)
320                                 break;
321
322                         err = -EAGAIN;
323                         if (!timeo)
324                                 break;
325
326                         timeo = bt_sock_data_wait(sk, timeo);
327
328                         if (signal_pending(current)) {
329                                 err = sock_intr_errno(timeo);
330                                 goto out;
331                         }
332                         continue;
333                 }
334
335                 chunk = min_t(unsigned int, skb->len, size);
336                 if (skb_copy_datagram_iovec(skb, 0, msg->msg_iov, chunk)) {
337                         skb_queue_head(&sk->sk_receive_queue, skb);
338                         if (!copied)
339                                 copied = -EFAULT;
340                         break;
341                 }
342                 copied += chunk;
343                 size   -= chunk;
344
345                 sock_recv_ts_and_drops(msg, sk, skb);
346
347                 if (!(flags & MSG_PEEK)) {
348                         int skb_len = skb_headlen(skb);
349
350                         if (chunk <= skb_len) {
351                                 __skb_pull(skb, chunk);
352                         } else {
353                                 struct sk_buff *frag;
354
355                                 __skb_pull(skb, skb_len);
356                                 chunk -= skb_len;
357
358                                 skb_walk_frags(skb, frag) {
359                                         if (chunk <= frag->len) {
360                                                 /* Pulling partial data */
361                                                 skb->len -= chunk;
362                                                 skb->data_len -= chunk;
363                                                 __skb_pull(frag, chunk);
364                                                 break;
365                                         } else if (frag->len) {
366                                                 /* Pulling all frag data */
367                                                 chunk -= frag->len;
368                                                 skb->len -= frag->len;
369                                                 skb->data_len -= frag->len;
370                                                 __skb_pull(frag, frag->len);
371                                         }
372                                 }
373                         }
374
375                         if (skb->len) {
376                                 skb_queue_head(&sk->sk_receive_queue, skb);
377                                 break;
378                         }
379                         kfree_skb(skb);
380
381                 } else {
382                         /* put message back and return */
383                         skb_queue_head(&sk->sk_receive_queue, skb);
384                         break;
385                 }
386         } while (size);
387
388 out:
389         release_sock(sk);
390         return copied ? : err;
391 }
392 EXPORT_SYMBOL(bt_sock_stream_recvmsg);
393
394 static inline unsigned int bt_accept_poll(struct sock *parent)
395 {
396         struct list_head *p, *n;
397         struct sock *sk;
398
399         list_for_each_safe(p, n, &bt_sk(parent)->accept_q) {
400                 sk = (struct sock *) list_entry(p, struct bt_sock, accept_q);
401                 if (sk->sk_state == BT_CONNECTED ||
402                     (test_bit(BT_SK_DEFER_SETUP, &bt_sk(parent)->flags) &&
403                      sk->sk_state == BT_CONNECT2))
404                         return POLLIN | POLLRDNORM;
405         }
406
407         return 0;
408 }
409
410 unsigned int bt_sock_poll(struct file *file, struct socket *sock,
411                           poll_table *wait)
412 {
413         struct sock *sk = sock->sk;
414         unsigned int mask = 0;
415
416         BT_DBG("sock %p, sk %p", sock, sk);
417
418         poll_wait(file, sk_sleep(sk), wait);
419
420         if (sk->sk_state == BT_LISTEN)
421                 return bt_accept_poll(sk);
422
423         if (sk->sk_err || !skb_queue_empty(&sk->sk_error_queue))
424                 mask |= POLLERR;
425
426         if (sk->sk_shutdown & RCV_SHUTDOWN)
427                 mask |= POLLRDHUP | POLLIN | POLLRDNORM;
428
429         if (sk->sk_shutdown == SHUTDOWN_MASK)
430                 mask |= POLLHUP;
431
432         if (!skb_queue_empty(&sk->sk_receive_queue))
433                 mask |= POLLIN | POLLRDNORM;
434
435         if (sk->sk_state == BT_CLOSED)
436                 mask |= POLLHUP;
437
438         if (sk->sk_state == BT_CONNECT ||
439                         sk->sk_state == BT_CONNECT2 ||
440                         sk->sk_state == BT_CONFIG)
441                 return mask;
442
443         if (!test_bit(BT_SK_SUSPEND, &bt_sk(sk)->flags) && sock_writeable(sk))
444                 mask |= POLLOUT | POLLWRNORM | POLLWRBAND;
445         else
446                 set_bit(SOCK_ASYNC_NOSPACE, &sk->sk_socket->flags);
447
448         return mask;
449 }
450 EXPORT_SYMBOL(bt_sock_poll);
451
452 int bt_sock_ioctl(struct socket *sock, unsigned int cmd, unsigned long arg)
453 {
454         struct sock *sk = sock->sk;
455         struct sk_buff *skb;
456         long amount;
457         int err;
458
459         BT_DBG("sk %p cmd %x arg %lx", sk, cmd, arg);
460
461         switch (cmd) {
462         case TIOCOUTQ:
463                 if (sk->sk_state == BT_LISTEN)
464                         return -EINVAL;
465
466                 amount = sk->sk_sndbuf - sk_wmem_alloc_get(sk);
467                 if (amount < 0)
468                         amount = 0;
469                 err = put_user(amount, (int __user *) arg);
470                 break;
471
472         case TIOCINQ:
473                 if (sk->sk_state == BT_LISTEN)
474                         return -EINVAL;
475
476                 lock_sock(sk);
477                 skb = skb_peek(&sk->sk_receive_queue);
478                 amount = skb ? skb->len : 0;
479                 release_sock(sk);
480                 err = put_user(amount, (int __user *) arg);
481                 break;
482
483         case SIOCGSTAMP:
484                 err = sock_get_timestamp(sk, (struct timeval __user *) arg);
485                 break;
486
487         case SIOCGSTAMPNS:
488                 err = sock_get_timestampns(sk, (struct timespec __user *) arg);
489                 break;
490
491         default:
492                 err = -ENOIOCTLCMD;
493                 break;
494         }
495
496         return err;
497 }
498 EXPORT_SYMBOL(bt_sock_ioctl);
499
500 int bt_sock_wait_state(struct sock *sk, int state, unsigned long timeo)
501 {
502         DECLARE_WAITQUEUE(wait, current);
503         int err = 0;
504
505         BT_DBG("sk %p", sk);
506
507         add_wait_queue(sk_sleep(sk), &wait);
508         set_current_state(TASK_INTERRUPTIBLE);
509         while (sk->sk_state != state) {
510                 if (!timeo) {
511                         err = -EINPROGRESS;
512                         break;
513                 }
514
515                 if (signal_pending(current)) {
516                         err = sock_intr_errno(timeo);
517                         break;
518                 }
519
520                 release_sock(sk);
521                 timeo = schedule_timeout(timeo);
522                 lock_sock(sk);
523                 set_current_state(TASK_INTERRUPTIBLE);
524
525                 err = sock_error(sk);
526                 if (err)
527                         break;
528         }
529         __set_current_state(TASK_RUNNING);
530         remove_wait_queue(sk_sleep(sk), &wait);
531         return err;
532 }
533 EXPORT_SYMBOL(bt_sock_wait_state);
534
535 static struct net_proto_family bt_sock_family_ops = {
536         .owner  = THIS_MODULE,
537         .family = PF_BLUETOOTH,
538         .create = bt_sock_create,
539 };
540
541 static int __init bt_init(void)
542 {
543         int err;
544
545         BT_INFO("Core ver %s", VERSION);
546
547         err = bt_sysfs_init();
548         if (err < 0)
549                 return err;
550
551         err = sock_register(&bt_sock_family_ops);
552         if (err < 0) {
553                 bt_sysfs_cleanup();
554                 return err;
555         }
556
557         BT_INFO("HCI device and connection manager initialized");
558
559         err = hci_sock_init();
560         if (err < 0)
561                 goto error;
562
563         err = l2cap_init();
564         if (err < 0)
565                 goto sock_err;
566
567         err = sco_init();
568         if (err < 0) {
569                 l2cap_exit();
570                 goto sock_err;
571         }
572
573         return 0;
574
575 sock_err:
576         hci_sock_cleanup();
577
578 error:
579         sock_unregister(PF_BLUETOOTH);
580         bt_sysfs_cleanup();
581
582         return err;
583 }
584
585 static void __exit bt_exit(void)
586 {
587
588         sco_exit();
589
590         l2cap_exit();
591
592         hci_sock_cleanup();
593
594         sock_unregister(PF_BLUETOOTH);
595
596         bt_sysfs_cleanup();
597 }
598
599 subsys_initcall(bt_init);
600 module_exit(bt_exit);
601
602 MODULE_AUTHOR("Marcel Holtmann <marcel@holtmann.org>");
603 MODULE_DESCRIPTION("Bluetooth Core ver " VERSION);
604 MODULE_VERSION(VERSION);
605 MODULE_LICENSE("GPL");
606 MODULE_ALIAS_NETPROTO(PF_BLUETOOTH);